# accounts.maxweb.systems — MALICIOUS

> accounts.maxweb.systems mimics Binance login to steal credentials. Domain now offline. Check details before visiting this high-risk phishing site.

## Summary
PhishDestroy identifies accounts.maxweb.systems as a high-risk phishing domain impersonating the Binance brand. Classified under brand impersonation, this domain was created on March 13, 2025, and used a page titled "Log In | Binance" to deceive users into submitting sensitive login information. The intent was clearly to mimic Binance’s official login interface to harvest user credentials under false pretenses.

Technical analysis reveals that the domain resolved to IP address 43.159.94.13 and was registered through Amazon Registrar, Inc. VirusTotal flagged this domain by 16 out of 95 security vendors, indicating a significant detection rate. Additionally, the domain appeared on two separate security blocklists, further validating its malicious nature. These indicators, combined with the domain’s recent creation and brand impersonation tactics, underscore its threat to users.

Currently, accounts.maxweb.systems is offline, effectively preventing further phishing attempts via this URL. PhishDestroy recommends maintaining vigilance and verifying URLs before entering sensitive information, especially for financial platforms like Binance. The domain’s takedown helps reduce immediate risk, but users should remain cautious of similar fraudulent domains exploiting trusted brand identities.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Target brand: Binance
- Page title: Log In | Binance

## Domain Intelligence
- Registered: 2025-03-13 00:00:00
- Expires: 2026-03-13 00:00:00
- Registrar: Amazon Registrar, Inc.
- Country: US
- IP: 43.159.94.13
- IP Country: SG
- IP City: Singapore
- IP Org: AS139341 ACE
- Nameservers: ns-860.awsdns-43.net ns-1721.awsdns-23.co.uk ns-1419.awsdns-49.org ns-505.awsdns-63.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 16 vendors flagged
  Vendors: ["ADMINUSLabs", "alphaMountain.ai", "BitDefender", "Chong Lua Dao", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Phishing Database", "SOCRadar", "Sophos", "VIPRE", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "PhishingDB"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019b2f4f-7586-774d-958b-231c310912db.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/47019bf7-af2b-4e93-bdbc-43e85e61787c
- PhishDestroy: https://phishdestroy.io/domain/accounts.maxweb.systems/
- LLM endpoint: https://phishdestroy.io/domain/accounts.maxweb.systems/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/accounts.maxweb.systems/
Last updated: 2026-03-19